we have made first tests and have found some questions, but also some answers…
Currently we have configured a passthrough to forward users who do not have a token to our RSA appliance.
is it correct / wanted that this forwarding does not appear in the audit log? It works but we would like to see it there as well.
later we will have 2 Radius Clients and would like to authorize different user groups (VPN User and Citrix User) is this possible?
with the RSA token we use a pin, if this must be set PrivacyIdea rejects the user. I have already searched for this and found an entry from 2019 that this is not supported and therefore assume that it is still immre so, then ok.
if the RSA appliance wants a second token, PI denies the login as well. Can this be solved otherwise?
I hope it’s ok to start the thread this way, if it’s too much I’m happy to divide the questions into single posts.
Many thanks in advance!